public void ShouldFailIfTimestampUsesWeakSignatureAlgorithm()
{
var signatures = GetGraphForFile("../../inputs/timestampedweaksig.ex_");
var rule = new TimestampedRule();
var logger = new MemorySignatureLogger();
var result = rule.Validate(signatures, logger, Configuration);
Assert.Equal(RuleResult.Fail, result);
Assert.Collection(logger.Messages, s => s.EndsWith("Signature is not timestamped with the expected hash algorithm SHA256."));
}
public void ShouldPassIfTimestampedAlgorithmIsValid()
{
var signatures = GetGraphForFile("../../inputs/timestampedvalid.ex_");
var rule = new TimestampedRule();
var logger = new MemorySignatureLogger();
var result = rule.Validate(signatures, logger, Configuration);
Assert.Equal(RuleResult.Pass, result);
Assert.Empty(logger.Messages);
}
public void ShouldFailIfNoTimestamp(string file)
{
var signatures = GetGraphForFile(file);
var rule = new TimestampedRule();
var logger = new MemorySignatureLogger();
var result = rule.Validate(signatures, logger, Configuration);
Assert.Equal(RuleResult.Fail, result);
Assert.Collection(logger.Messages, s => s.EndsWith("Signature is not timestamped."));
}
